Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/4CLeeil6rnYYbSXDioOdMRk-fu0.roa
File: 4CLeeil6rnYYbSXDioOdMRk-fu0.roa (raw, json)
Hash identifier: nA2tspg1OX/8GxIGauCnmSzDzS8p+XC3M6EwX+K2Zuc=
Subject key identifier: E0:22:DE:7A:29:7A:AE:76:18:6D:25:C3:8A:83:9D:31:19:3E:7E:ED
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 019422FAF005AE8981BE64FCA5806244CC05
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/4CLeeil6rnYYbSXDioOdMRk-fu0.roa
Signing time: Wed 01 Jan 2025 17:47:38 +0000
ROA not before: Wed 01 Jan 2025 17:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50443
IP address blocks: 109.236.254.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fa:f0:05:ae:89:81:be:64:fc:a5:80:62:44:cc:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 17:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e022de7a297aae76186d25c38a839d31193e7eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d5:16:ee:15:ba:05:aa:a2:0c:61:45:e0:e1:
ce:6e:db:0c:e5:1c:83:d0:29:be:15:57:c7:1d:ed:
c4:33:d6:d5:06:f1:2b:f5:92:9f:6d:b3:82:10:0e:
b9:3e:8f:b4:28:d2:64:6c:36:3b:1f:b9:b1:9a:49:
23:a4:fb:c3:53:f0:fe:ea:30:6c:4b:e3:96:fd:fb:
d7:25:28:99:9f:04:80:67:57:a3:d2:05:ab:0a:4e:
fd:4b:ef:c9:cf:5e:4a:23:66:bc:7a:4c:c4:1e:ac:
91:b5:22:5a:be:c9:13:ca:f1:f0:f5:88:dc:ac:63:
8e:93:67:e9:e7:f6:2b:05:b2:88:48:e6:d7:72:ec:
0f:97:35:1c:2f:2b:1d:b1:02:9f:fb:e3:49:c4:2f:
c2:10:8d:85:0d:d3:ed:ee:52:44:49:e2:a4:bb:a4:
2e:5f:5a:3d:2f:7d:ea:86:3f:ed:6d:6a:e3:46:1a:
87:6d:59:cc:ff:f0:85:79:f7:f4:8f:64:23:3c:81:
7f:5f:b6:c2:95:97:53:9d:73:0d:de:fd:97:a2:7d:
59:03:74:cb:65:e5:93:1e:98:1d:64:db:3a:0b:30:
b8:30:40:4c:ca:1c:58:f7:e6:5f:bf:65:af:f3:44:
e4:43:7f:b1:7f:87:ae:7d:ee:4c:5b:fd:ad:fd:b4:
d1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:22:DE:7A:29:7A:AE:76:18:6D:25:C3:8A:83:9D:31:19:3E:7E:ED
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/4CLeeil6rnYYbSXDioOdMRk-fu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.254.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:b4:53:65:33:09:bf:4a:5d:a7:bf:1f:c1:00:94:f5:c2:86:
dc:6f:86:ef:65:8b:8e:b4:a2:73:aa:f1:b7:8b:22:5b:2e:f9:
42:1e:50:70:7f:3f:80:8b:05:65:85:76:57:43:fc:15:34:5f:
58:35:14:45:44:77:fc:f1:f5:97:78:51:76:50:d7:87:d6:df:
d7:c6:95:02:03:a5:08:fa:ce:b7:04:c2:ce:30:c7:7d:1e:f4:
00:bc:fd:f9:29:e6:1e:e4:c5:be:e9:88:dd:fe:44:91:b2:f0:
0a:ad:48:6d:37:05:5b:de:c4:db:fe:9a:0f:fb:81:66:1e:f0:
d6:86:39:cf:84:56:e7:54:f3:ec:0c:06:85:38:2b:8a:91:99:
21:1d:0b:20:0b:df:1e:14:50:b2:e6:65:a7:ae:d4:d3:b8:43:
20:36:f6:c4:e4:4d:d9:a9:b8:a7:f3:79:23:87:13:88:df:04:
83:dd:8d:17:f3:a1:d9:47:1c:51:23:cc:dc:59:af:16:2a:90:
14:4c:6e:75:3a:a2:a4:82:2d:8b:60:d4:00:71:e7:1a:15:2d:
65:51:8a:e9:0b:07:2c:06:89:3f:80:6e:35:36:bf:0c:a1:e7:
4b:67:76:09:73:da:ba:8c:83:ba:14:2a:69:9c:9a:44:50:28:
5c:b5:2a:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+vAFromBvmT8pYBiRMwFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjUwMTAxMTc0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDIyZGU3YTI5N2FhZTc2MTg2ZDI1YzM4YTgzOWQzMTE5M2U3ZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytUW7hW6BaqiDGFF4OHObtsM5RyD
0Cm+FVfHHe3EM9bVBvEr9ZKfbbOCEA65Po+0KNJkbDY7H7mxmkkjpPvDU/D+6jBs
S+OW/fvXJSiZnwSAZ1ej0gWrCk79S+/Jz15KI2a8ekzEHqyRtSJavskTyvHw9Yjc
rGOOk2fp5/YrBbKISObXcuwPlzUcLysdsQKf++NJxC/CEI2FDdPt7lJESeKku6Qu
X1o9L33qhj/tbWrjRhqHbVnM//CFeff0j2QjPIF/X7bClZdTnXMN3v2Xon1ZA3TL
ZeWTHpgdZNs6CzC4MEBMyhxY9+Zfv2Wv80TkQ3+xf4eufe5MW/2t/bTRewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOAi3nopeq52GG0lw4qDnTEZPn7tMB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEvNENMZWVpbDZybllZYlNYRGlvT2RNUmstZnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbez+MA0G
CSqGSIb3DQEBCwUAA4IBAQAatFNlMwm/Sl2nvx/BAJT1wobcb4bvZYuOtKJzqvG3
iyJbLvlCHlBwfz+AiwVlhXZXQ/wVNF9YNRRFRHf88fWXeFF2UNeH1t/XxpUCA6UI
+s63BMLOMMd9HvQAvP35KeYe5MW+6Yjd/kSRsvAKrUhtNwVb3sTb/poP+4FmHvDW
hjnPhFbnVPPsDAaFOCuKkZkhHQsgC98eFFCy5mWnrtTTuEMgNvbE5E3Zqbin83kj
hxOI3wSD3Y0X86HZRxxRI8zcWa8WKpAUTG51OqKkgi2LYNQAcecaFS1lUYrpCwcs
Bok/gG41Nr8MoedLZ3YJc9q6jIO6FCppnJpEUChctSoL
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:43 2025 by rpki-client on console.sobornost.net